CVE-2022-25194

A cross-site request forgery CSRF vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials...

CVE-2022-25195

A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

Jenkins autonomiq Plugin跨站请求伪造漏洞

Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.A cross-site request forgery vulnerability exists in Jenkins autonomiq Plugin 1.15 and earlier versions, which stems from...

CVE-2022-25195

A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2022-25194

A cross-site request forgery CSRF vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials...

CVE-2022-25195

A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2022-25194

A cross-site request forgery CSRF vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials...

CVE-2022-25195

A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2022-25194

A cross-site request forgery CSRF vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials...

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials...

Design/Logic Flaw

A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2022-25195

A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2022-25195

CVE-2022-25195 refers to Jenkins autonomiq Plugin (1.15 and earlier) and describes a missing permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials, with CSRF not required and POST not m...

CVE-2022-25194

A cross-site request forgery CSRF vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials...

PT-2022-17135 · Jenkins · Jenkins Autonomiq Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins autonomiq Plugin versions 1.15 and earlier Description: A missing permission check in the Jenkins autonomiq Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified...

Jenkins 插件权限许可和访问控制问题漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. an access control error vulnerability in Jenkins autonomiq Plugin 1.15 and earlier versions, which stems from not performi...

PT-2022-17134 · Jenkins · Jenkins Autonomiq Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins autonomiq Plugin versions 1.15 and earlier Description: A cross-site request forgery CSRF vulnerability exists due to the lack of permission checks in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to ...